TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / build / 49f9eb285b86510d25e208c95056cd5104777bec / . / trusted-keys.exp
blob: a7200f5a612fc4719f790f2bd81718ae5fb415a1 [file] [log] [blame]
Sumit Garg45cf44c2021-12-24 17:02:25 +0530[diff] [blame]1#!/usr/bin/expect -f
2#
3# This script test Linux trusted keys support using OP-TEE as a trust
4# source. The return code is 0 for success, >0 for error.
5#
6
7set timeout 60
8set tk_id 0
9set ek_id 0
10proc check_keyctl_result arg {
11 expect {
Jerome Forissierf263e912022-01-05 09:02:08 +0100[diff] [blame]12 -re "(\n)(\\d+)\r" {
Sumit Garg45cf44c2021-12-24 17:02:25 +0530[diff] [blame]13 set ::$arg $expect_out(2,string)
14 exp_continue
15 }
16 -re "Operation not permitted" {
17 info "keyctl failed: Operation not permitted\n"
18 exit 1
19 }
20 -re "No such device" {
21 info "keyctl failed: Trusted Keys support missing\n"
22 exit 1
23 }
24 -re "\n---" {
25 info "keyctl failed: mismatch\n"
26 exit 1
27 }
28 timeout {
29 info "!!! Timeout\n"
30 exit 1
31 }
32 "# "
33 }
34}
35info "Running: keyctl tests...\n"
36send -- "keyctl add trusted kmk \"new 32\" @u\r"
37check_keyctl_result tk_id
38send -- "keyctl add encrypted evm \"new trusted:kmk 32\" @u\r"
39check_keyctl_result ek_id
40send -- "keyctl pipe $tk_id > kmk.blob\r"
41check_keyctl_result tk_id
42send -- "keyctl pipe $ek_id > evm.blob\r"
43check_keyctl_result ek_id
44send -- "keyctl revoke $ek_id\r"
45check_keyctl_result ek_id
46send -- "keyctl revoke $tk_id\r"
47check_keyctl_result tk_id
48send -- "keyctl add trusted kmk \"load `cat kmk.blob`\" @u\r"
49check_keyctl_result tk_id
50send -- "keyctl add encrypted evm \"load `cat evm.blob`\" @u\r"
51check_keyctl_result ek_id
52send -- "keyctl pipe $tk_id > kmk.blob2\r"
53check_keyctl_result tk_id
54send -- "keyctl pipe $ek_id > evm.blob2\r"
55check_keyctl_result ek_id
56send -- "diff kmk.blob kmk.blob2\r"
57check_keyctl_result tk_id
58send -- "diff evm.blob evm.blob2\r"
59check_keyctl_result ek_id
60info "Status: keyctl tests successful\n"